I am implementing Single Sign-On in a Java application via ADFS. I have only the ADFS URL and its metadata.xml. ADFS is using SAML. I don't have access to the ADFS logs. I need to implement SSO, so I can only send requests from HTTPS? How can I achieve HTTPS on Tomcat, maybe via Azure? Maybe I can set up this environment on Ubuntu? I used very many examples and none of them are working; usually, I get a response from the ADFS server saying "An error occurred, contact your administrator". Is there any tutorial that is working?
1 Answer
Found this useful posting on SO on how to ADFS SSO-enable a Java app. Hope this helps.

Your application needs to act as a SAML SP, either directly (from your code), or indirectly (e.g. through SAML SP support on reverse proxy, application server, ...).

For direct options (which require more modifications to your application) you can:

• code the SAML SP yourself (most likely with OpenSAML, you can find examples in sources of existing products)
• use a ready-made product to integrate into your application, such as Spring SAML or OpenAM Fedlet

For indirect options (which require less modifications to your application) you can:

• use Shibboleth SAML SP plugins on your Apache reverse proxy (if you use one)
• deploy SAML SP as another application on your container (e.g. Spring SAML or OpenAM) and make it communicate with your application - so SAML SP performs authentication with ADFS and communicates this to your application e.g. through a shared cookie, or a custom token

You can find more comparison details and considerations in this thread.

ADFS 3 should have support for OAuth Authorization Server and it might well be an easier way to integrate, see here and here. Implementing authentication using OAuth is generally significantly easier than SAML, with no relevant disadvantages.
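As an added illustration of the "code the SAML SP yourself" option (not code from the quoted posting or from any product it names), this JDK-only example reads the HTTP-Redirect SingleSignOnService endpoint from the IdP metadata and builds the unsigned AuthnRequest redirect URL. The class name, the example.test hosts, the SP entity ID and the ACS URL are assumptions; the Issuer has to equal the identifier the ADFS administrator registered for the application.

```java
import java.io.ByteArrayOutputStream;
import java.io.StringReader;
import java.net.URLEncoder;
import java.time.Instant;
import java.util.Base64;
import java.util.UUID;
import java.util.zip.Deflater;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class AdfsRedirectExample {
    static final String MD = "urn:oasis:names:tc:SAML:2.0:metadata";
    static final String REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect";
    // Read the IdP's HTTP-Redirect SingleSignOnService endpoint from metadata.xml.
    static String ssoUrl(String metadataXml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // reject DTDs (XXE)
        NodeList l = f.newDocumentBuilder().parse(new InputSource(new StringReader(metadataXml)))
                .getElementsByTagNameNS(MD, "SingleSignOnService");
        for (int i = 0; i < l.getLength(); i++)
            if (REDIRECT.equals(((Element) l.item(i)).getAttribute("Binding")))
                return ((Element) l.item(i)).getAttribute("Location");
        throw new IllegalStateException("no HTTP-Redirect SingleSignOnService in metadata");
    }
    // HTTP-Redirect binding: raw DEFLATE the request, Base64 it, then URL-encode it.
    static String redirectUrl(String sso, String spEntityId, String acsUrl) throws Exception {
        String xml = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
            + " xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" Version=\"2.0\" ID=\"_" + UUID.randomUUID()
            + "\" IssueInstant=\"" + Instant.ofEpochSecond(Instant.now().getEpochSecond()) // whole seconds, UTC
            + "\" Destination=\"" + sso + "\" AssertionConsumerServiceURL=\"" + acsUrl + "\">"
            + "<saml:Issuer>" + spEntityId + "</saml:Issuer></samlp:AuthnRequest>";
        Deflater d = new Deflater(Deflater.DEFAULT_COMPRESSION, true); // true = no zlib header
        d.setInput(xml.getBytes("UTF-8"));
        d.finish();
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[1024];
        while (!d.finished()) out.write(buf, 0, d.deflate(buf));
        d.end();
        String b64 = Base64.getEncoder().encodeToString(out.toByteArray());
        return sso + (sso.contains("?") ? "&" : "?") + "SAMLRequest=" + URLEncoder.encode(b64, "UTF-8");
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample metadata and placeholder SP values, not taken from a real deployment.
        String md = "<EntityDescriptor xmlns=\"" + MD + "\"><IDPSSODescriptor><SingleSignOnService Binding=\""
            + REDIRECT + "\" Location=\"https://adfs.example.test/adfs/ls/\"/></IDPSSODescriptor></EntityDescriptor>";
        System.out.println(redirectUrl(ssoUrl(md), "https://app.example.test/sp", "https://app.example.test/saml/acs"));
    }
}
```

This covers only the outbound request. Validating the response (signature against the certificate in the metadata, audience, destination, validity window, replay) is the security-critical half and is what the ready-made SP libraries listed above handle.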
